Oct 12 2020
05:50 AM
- last edited on
May 24 2021
02:36 PM
by
TechCommunityAP
Oct 12 2020
05:50 AM
- last edited on
May 24 2021
02:36 PM
by
TechCommunityAP
Hi Azure friends,
I used the PowerShell ISE for this configuration. But you are also very welcome to use Visual Studio Code, just as you wish. Please start with the following steps to begin the deployment (the Hashtags are comments):
#The first two lines have nothing to do with the configuration, but make some space below in the blue part of the ISE
Set-Location C:\Temp
Clear-Host
#So that you can carry out the configuration, you need the necessary cmdlets, these are contained in the module Az (is the higher-level module from a number of submodules)
Install-Module -Name Az -Force -AllowClobber -Verbose
#Log into Azure
Connect-AzAccount
#We look at the provider
Get-AzProviderOperation "Microsoft.Support/*" | FT Operation, Description -AutoSize
#We copy an existing role and expand it later
Get-AzRoleDefinition -Name "Reader" | ConvertTo-Json | Out-File C:\Temp\ReaderSupportRole.json
#Open the ReaderSupportRole.json in VSCode or any other editor
#We need the subscription ID
Get-AzSubscription
#In AssignableScopes, add your subscription ID
#Change the Name and Description properties to "Reader Support Tickets" and "View everything in the subscription and also open support tickets." Also change from "IsCustom": false " to "IsCustom": true. In "Actions" add "Microsoft.Support/*"
#Now we add our role to Azure
New-AzRoleDefinition -InputFile "C:\Temp\ReaderSupportRole.json"
#To list all your custom roles
Get-AzRoleDefinition | ? {$_.IsCustom -eq $true} | FT Name, IsCustom
or
Get-AzRoleDefinition "Reader Support Tickets"
You can also see the custom role in the Azure portal. Now you have configured an RBAC role with the PowerShell in Azure! Congratulations!
I hope this article was useful. Best regards, Tom Wechsler
P.S. All scripts (#PowerShell, Azure CLI, #Terraform, #ARM) that I use can be found on github! https://github.com/tomwechsler